Show HN: Desktop GUI sandbox for AI agents and MCP servers
Nilbox is a desktop sandbox for running untrusted AI agents. It uses real VM isolation and a zero-token architecture so that sensitive API keys are never exposed to the guest: agents keep working unchanged inside the VM while the real credentials stay on the host.
- Nilbox provides real VM isolation, ensuring that workloads run in a full virtual machine rather than a container.
- The zero-token architecture prevents API keys from entering the guest environment, swapping them in-flight for trusted domains only.
- Nilbox allows AI agents to operate without code changes, maintaining their functionality while enhancing security.
Opening excerpt (first ~120 words):
Desktop sandbox for running AI agents you don't trust — with real VM isolation and zero-token security.

Quick Start · Use Case · How It Works · Features · Docs

Why nilbox?

AI agents need shell access, filesystem access, and outbound API calls. Running them in a container on the host kernel isn't real isolation — especially when those agents handle real credentials. nilbox takes a different approach:

- Real VM isolation — workloads run in a full virtual machine, not a container
- Zero-token architecture — API keys never enter the guest; the host proxy swaps tokens in-flight for trusted domains only
- Host-controlled network — all outbound traffic routes through VSOCK to a domain-gating proxy with rate limits and approval prompts

If you wouldn't give someone your API keys, don't put those keys…
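The zero-token and host-controlled-network points above describe a host-side gate that (1) only accepts traffic to allowlisted domains, (2) replaces a placeholder the guest carries with the real credential only for a domain that credential is allowed to reach, (3) enforces a per-host rate limit and (4) consults an approval prompt. The following is an added, illustrative reimplementation of that decision logic, not nilbox's own code: the `Policy`, `Decision` and `TokenSwapProxy` names, the `NILBOX_PLACEHOLDER_*` placeholder convention, the `approve` callback standing in for an interactive prompt, and the `api.example.com` / `evil.example` hosts are all constructed for the example. The VSOCK transport is out of scope; the class only decides what the proxy should forward and with which headers.

```python
import time
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Policy:
    # Real secrets never leave the host; the guest only ever sees the placeholder names.
    secrets: dict            # placeholder -> real credential (hypothetical layout)
    allowed_hosts: dict      # placeholder -> set of hosts that may receive that credential
    rate_limit: int = 5      # max forwarded requests per destination host per window
    window_s: float = 60.0


@dataclass
class Decision:
    allowed: bool
    reason: str
    headers: dict = field(default_factory=dict)   # headers to forward; empty when denied


class TokenSwapProxy:
    """Host-side gate for guest traffic: allowlist check, token swap, rate limit, approval."""

    def __init__(self, policy, approve=None, clock=time.monotonic):
        self.policy = policy
        self.approve = approve          # optional callback standing in for an approval prompt
        self.clock = clock
        self._hits = {}                 # host -> timestamps of forwarded requests

    def _rate_limited(self, host, now):
        recent = [t for t in self._hits.get(host, []) if now - t < self.policy.window_s]
        self._hits[host] = recent
        return len(recent) >= self.policy.rate_limit

    def handle(self, method, url, headers):
        parts = urlsplit(url)
        host = parts.hostname or ""
        if parts.scheme != "https":
            # A swapped credential must never be sent in clear text.
            return Decision(False, "only https is forwarded")
        # Refuse before touching any secret if a placeholder targets a host that is
        # not on that credential's allowlist (the domain-gating step).
        for value in headers.values():
            for ph in self.policy.secrets:
                if ph in value and host not in self.policy.allowed_hosts.get(ph, set()):
                    return Decision(False, f"{ph} is not permitted for host {host}")
        now = self.clock()
        if self._rate_limited(host, now):
            return Decision(False, f"rate limit exceeded for {host}")
        if self.approve is not None and not self.approve(host):
            return Decision(False, f"request to {host} not approved")
        # Only now, on the host side, replace placeholders with the real credentials.
        swapped = {}
        for name, value in headers.items():
            for ph, secret in self.policy.secrets.items():
                value = value.replace(ph, secret)
            swapped[name] = value
        self._hits.setdefault(host, []).append(now)
        return Decision(True, "forwarded", swapped)


if __name__ == "__main__":
    # Constructed sample policy and guest requests.
    policy = Policy(secrets={"NILBOX_PLACEHOLDER_API": "sk-real-key"},
                    allowed_hosts={"NILBOX_PLACEHOLDER_API": {"api.example.com"}},
                    rate_limit=2)
    proxy = TokenSwapProxy(policy, approve=lambda h: h != "denied.example")
    hdr = {"Authorization": "Bearer NILBOX_PLACEHOLDER_API"}
    print(proxy.handle("POST", "https://api.example.com/v1/chat", hdr))
    print(proxy.handle("POST", "https://evil.example/collect", hdr))
    print(proxy.handle("GET", "http://api.example.com/v1/models", hdr))
```

The ordering matters: the allowlist check runs before any substitution, so a denied request never carries the real key even in an error path, and the rate-limit counter only counts requests that were actually forwarded, so a flood of denied requests cannot starve legitimate ones.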
Excerpt limited to ~120 words for fair-use compliance. The full README is on GitHub.